Lila Sciences

Senior Director, Governance, Risk and Compliance

Reposted 21 Days Ago
In-Office
Cambridge, MA, USA
204K-272K Annually
Senior level
The Director of Governance, Risk, and Compliance will lead GRC programs and compliance strategy for federal markets, manage vendor risks, and serve as a trusted advisor on compliance matters while ensuring adherence to regulatory standards.
The summary above was generated by AI

Your Impact at Lila

We’re looking for a Senior Director of Governance, Risk & Compliance (GRC) to build and scale our compliance function as we expand across U.S. Federal and DoD markets. This is a hands-on leadership role for someone who has stood up serious compliance programs in fast-moving environments and knows how to balance speed, risk, and revenue. You will own GRC end to end—SOC2, ISO, GDPR, FedRAMP, DoD Cloud SRG (IL5/IL6), and CMMC—and partner closely with Engineering, Cloud Ops, Product, Legal, and executive leadership to make compliance a growth enabler, not a bottleneck.

What You'll Be Building

Build & Lead the GRC Function

  • Design and own Lila’s enterprise GRC program, including policies, standards, risk frameworks, and operating cadence.
  • Translate complex regulatory requirements into practical, implementable controls for software, engineering, and operations teams.

Own and Manage Trust Portal

  • Own Lila Trust Portal as a strategic GRC asset, aligning disclosures with regulatory requirements, customer expectations, and go-to-market needs while partnering with Security, Legal, Privacy, Product, and Sales to ensure consistency and credibility.

FedRAMP Ownership

  • Own the full FedRAMP lifecycle from readiness through ATO and continuous monitoring.
  • Serve as primary point of contact for 3PAOs, sponsoring agencies, and Authorizing Officials.
  • Drive development and maintenance of SSPs, POA&Ms, SARs, CMPs, and supporting evidence.
  • Partner with executives on risk acceptance and remediation prioritization.

DoD IL5 / IL6 Enablement

  • Lead compliance strategy for DoD Cloud Computing SRG IL5 and IL6 environments.
  • Work directly with cloud and security engineering teams to meet high-impact requirements.
  • Support customer security reviews, audits, and authorization packages.

CMMC & Defense Readiness

  • Define and execute Lila’s CMMC readiness and compliance roadmap.
  • Align NIST SP 800-171 controls across engineering, IT, and business operations.
  • Prepare Lila for CMMC assessments tied to defense contracts.

Third Party Risk Management

  • Due Diligence & Assessment: Execute risk assessments for onboarding new vendors and re-evaluating existing ones, assessing cybersecurity, financial, and operational risks.
  • Monitoring & Reporting: Monitor vendor performance against Service Level Agreements (SLAs) and report risk profiles to senior leadership.
  • Regulatory Compliance: Ensure vendor compliance with internal policies and external regulations, specifically focusing on data security.
  • Issue Mitigation: Identify risks, facilitate remediation plans, and, if necessary, assist with risk acceptance processes.

Risk Management & Metrics

  • Run enterprise risk assessments, gap analyses, and mitigation plans.
  • Implement lightweight automation for evidence collection, validation, and reporting.
  • Deliver executive-level dashboards focused on real risk and progress.

Executive & Customer Engagement

  • Act as a trusted advisor to the CISO on compliance risk and deal enablement.
  • Lead customer due diligence, security questionnaires, and regulatory briefings.
  • Represent the company during audits, assessments, and government reviews.

What You’ll Need to Succeed

  • 10–15+ years of cybersecurity GRC experience with deep Federal and DoD exposure
  • Hands-on ownership of FedRAMP authorizations
  • Direct experience with DoD Cloud SRG IL5 and/or IL6
  • Strong knowledge of CMMC, NIST SP 800-171, RMF, and NIST SP 800-53
  • Experience in high-growth environments
  • Experience at a GovCloud, SaaS, or defense-focused startup
  • Relevant certifications (CISSP, CISM, CISA, CRISC)
  • Experience supporting regulated revenue growth pre- and post-ATO
  • Ability to operate at both executive and execution levels
  • U.S. citizenship required; active or eligible clearance preferred

About Lila

Lila Sciences is the world’s first scientific superintelligence platform and autonomous lab for life, chemistry, and materials science. We are pioneering a new age of boundless discovery by building the capabilities to apply AI to every aspect of the scientific method. We are introducing scientific superintelligence to solve humankind's greatest challenges, enabling scientists to bring forth solutions in human health, climate, and sustainability at a pace and scale never experienced before. Learn more about this mission at www.lila.ai.

If this sounds like an environment you’d love to work in, even if you only have some of the experience listed below, we encourage you to apply.

We’re All In

Lila Sciences is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.

Information you provide during your application process will be handled in accordance with our Candidate Privacy Policy.

A Note to Agencies

Lila Sciences does not accept unsolicited resumes from any source other than candidates. The submission of unsolicited resumes by recruitment or staffing agencies to Lila Sciences or its employees is strictly prohibited unless contacted directly by Lila Sciences’ internal Talent Acquisition team. Any resume submitted by an agency in the absence of a signed agreement will automatically become the property of Lila Sciences, and Lila Sciences will not owe any referral or other fees with respect thereto.

Compensation

We offer competitive compensation including bonus potential and generous early equity. The final offer will reflect your unique background, expertise, and impact.

Expected Base Salary Range
$204,000–$272,000 USD

Top Skills

CMMC
DoD Cloud SRG (IL5/IL6)
FedRAMP
GDPR
ISO
NIST SP 800-171
NIST SP 800-53
SOC2
